* Ali Gouta <ali.go...@gmail.com> [2011-04-13 11:39]:
> Hello,
>
> So here I want to show share with you some information.
> In fact, to be able te cout traffic of one session its already counted in :
> pf.c in s->bytes[dirndx] += pd.tot_len;
> there is no way to make this done only to modify some kernel code because
> once a state is created on a session there is no way to change queue only by
> acting on the qid and pqid used in a state ...
>
> So I found in pf.c (always) :
> if (s) {
> pf_scrub_ip(&m, s->state_flags, s->min_ttl, s->set_tos);
> pf_tag_packet(m, s->tag, s->rtableid);
> if (pqid || (pd.tos & IPTOS_LOWDELAY))
> qid = s->pqid;
> else
> qid = s->qid;
> } else {
> pf_scrub_ip(&m, r->scrub_flags, r->min_ttl, r->set_tos);
> pf_tag_packet(m, r->tag, r->rtableid);
> if (pqid || (pd.tos & IPTOS_LOWDELAY))
> qid = r->pqid;
> else
> qid = r->qid;
> }
>
> Here I want to propose to you a primary solution that I want to know your
> opinion about :
>
> Change: *if (pqid || (pd.tos & IPTOS_LOWDELAY))*
> qid = s->pqid;
>
> to:
> *
> dirndx = (dir == s->direction) ? 0 : 1;*
> if (pqid || (pd.tos & IPTOS_LOWDELAY) || *(**betoh64(**s->bytes[dirndx]) <
> 15000)*)
> qid = s->pqid;
>
> What do you think about that ? Does it respond to the issue or should I look
> in other functions ??
holy crap. this is wrong in at least 5 ways. please do yourself and
everybody else a favor and don't touch kernel code.
for fun, run that on a 32 bit machine. or a big endian one.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting
